Charles Town, WV

Security Officer/Information Security Officer



The Security Officer/Information Security Officer (ISO) is responsible for the ongoing management of physical and information security policies, procedures, and technical systems in order to maintain the confidentiality, integrity, and availability of all organizational information systems.


Reports To: Sr VP/Chief Information Officer
FLSA Status: Exempt
Information Security
• Responsible for implementing, managing, and enforcing information security directives as mandated by Gramm-Leach-Bliley Act (GLBA).
• Ensure the ongoing integration of information security with business strategies and requirements.
Lead information security awareness and training initiatives to educate workforce about information risks.
Serve on the IT Committee.
Responsible and accountable for the day-to-day management of the Information Security Program.
Perform or manage ongoing information risk assessments to ensure that information systems are adequately protected and meet GLBA requirements.
Work with the IT Department, vendors, outside consultants, and other third parties to improve information security within the organization.
Subscribe to threat notification networks, new regulations, and information sharing networks to stay current on requirements and new threats to the industry.
Monitor and review software application access and permission levels.
Responsible for Identity Theft Red Flag and Prevention
Vendor Management
Lead vendor management efforts to ensure adequate performance and security practices are in place.
Perform as site administrator for vendor management software application.
Ensure proper completion of all vendor tasks across the organization.
Disaster Recovery / Business Continuity / Incident Response
Lead an incident response team to contain, investigate, and prevent future computer security breaches.
Conduct exercises at least annually to test the overall preparedness of the bank’s disaster recovery and/or business continuity plans.
Physical Security
• Responsible for the development, implementation and monitoring of the bank’s security policies and procedures.
Conducts training to bank personnel on security procedures.
Maintains and tests bank alarms and cameras.
Conducts continual surveys of all offices and departments to determine the need of additional security services and makes appropriate recommendations.
Provides written reports to senior management concerning security issues.
Maintains communication with law enforcement officers and maintains files for each location regarding available resources and emergency service agencies available.
Maintains neat and orderly work area and ensures that all negotiables and confidential records are properly secured each day.
Understands role in case of robbery, whether victim or bystander, and knows proper post-robbery procedures.  
• Adheres to all bank policies and procedures and to internal controls and system access restrictions.
Reports to the Board on an annual basis on the Bank’s security program.
• Ensures annual Fire Drills are conducted at all offices.
Reprogram vault lock combinations at branch sites as needed.
Client Service 
Knows the Bank’s products and services thoroughly.
Continuously demonstrates a helpful, friendly attitude and is committed to providing excellent client service to fellow associates.
Serves as a model of excellent client service to other employees.
Professional appearance that evokes the client’s trust 
Other duties may be assigned.
Must possess a high degree of integrity and trust along with the ability to work independently.
A thorough knowledge of financial institution information technology and networking operations and related control and risk management systems.  
A good working knowledge of information security tools, procedures and practices.
Excellent interpersonal and communication skills.
Excellent documentation skills.
Must have a high degree of accuracy and attention to detail.
Ability to weigh business risks and enforce appropriate information security measures.
In-depth knowledge of GLBA and other information technology regulations. 
Self-Development: pursue additional education or training to remain current, improve knowledge, and diversify skills.  
Client confidentiality:  never reveal or divulge client information to anyone outside of the Bank.
Versatility:  Ability to multi-task under pressure and fast-paced environment.  
Competent with Microsoft Office Products
To perform this job successfully, an individual must be able to perform each essential duty satisfactorily.  The requirements listed below are representative of the knowledge, skill, and/or ability required.  
A post-secondary certification or degree in the field of Cybersecurity is preferred.  In lieu of this education, the candidate should have a BA or BS in one of the following fields of study:
Computer Science
Management Information Systems
Computer Information Systems
A BBA, MBA or BA in Accounting or Finance, in conjunction with appropriate, directly related banking experience, will also be acceptable.
Professional Certification – Professional certification such as CISSP, CNA or CISA is preferred, but not required for this position.
BCT is a 100% smoke-free company.
The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
While performing the duties of this job, the employee is regularly required to stand; use hands to finger, handle, or feel; reach with hands and arms; and talk or hear.  The employee must regularly lift and/or move up to 10 pounds, frequently lift and/or move up to 25 pounds, and occasionally lift and/or move up to 50 pounds.  
This job description is not designed to cover or contain a comprehensive listing of all duties/responsibilities required of position.  Duties/responsibilities may change or be assigned at any time with or without notice.
BCT is an Equal Opportunity/Affirmative Action Employer
BCT supports a workforce of diversity, equity, inclusion, and accessibility.